package com.hypersocket.server.handlers.impl;

import com.fasterxml.jackson.databind.JsonNode;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.hypersocket.server.HypersocketServer;
import com.hypersocket.server.handlers.HttpRequestHandler;
import com.hypersocket.server.handlers.impl.ContentHandlerImpl;
import com.hypersocket.utils.HttpUtils;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.net.URL;
import java.net.URLEncoder;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Component;

@Component
/* loaded from: input_file:com/hypersocket/server/handlers/impl/OAuth2CompleteContentHandler.class */
public class OAuth2CompleteContentHandler extends HttpRequestHandler implements ContentHandler {
    static final Logger LOG = LoggerFactory.getLogger(OAuth2CompleteContentHandler.class);
    public static final String PATH_PREFIX = "/oauth2Complete";

    @Autowired
    private HypersocketServer server;

    @Autowired
    private HttpUtils httpUtils;
    private Map<String, OAuth2Authorization> authorizations;

    /* loaded from: input_file:com/hypersocket/server/handlers/impl/OAuth2CompleteContentHandler$OAuth2Authorization.class */
    public static class OAuth2Authorization {
        public static final String ATTRIBUTE_NAME = OAuth2Authorization.class.getName();
        private final String state;
        private String browserUri;
        private final String tokenUri;
        private final String codeVerifier;
        private final String redirectUri;
        private final String clientId;
        private final OAuth2Authorized onAuthorized;

        public OAuth2Authorization(String str, OAuth2Request oAuth2Request, OAuth2Authorized oAuth2Authorized) {
            this.clientId = oAuth2Request.clientId;
            this.browserUri = str;
            this.codeVerifier = oAuth2Request.codeVerifier;
            this.redirectUri = oAuth2Request.redirectUri;
            this.state = oAuth2Request.state;
            this.onAuthorized = oAuth2Authorized;
            this.tokenUri = oAuth2Request.baseUri + "/app/api/oauth2/token";
        }

        public String getRedirectUri() {
            return this.redirectUri;
        }

        public String getCodeVerifier() {
            return this.codeVerifier;
        }

        public String getTokenUri() {
            return this.tokenUri;
        }

        public String getBrowserUri() {
            return this.browserUri;
        }

        public String getState() {
            return this.state;
        }

        protected void setBrowserUri(String str) {
            this.browserUri = str;
        }

        protected final void handleAuthorization(OAuth2Token oAuth2Token, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2Authorization oAuth2Authorization) throws Exception {
            this.onAuthorized.handleAuthorization(oAuth2Token, httpServletRequest, httpServletResponse, oAuth2Authorization);
        }

        public String getClientId() {
            return this.clientId;
        }
    }

    /* loaded from: input_file:com/hypersocket/server/handlers/impl/OAuth2CompleteContentHandler$OAuth2Authorized.class */
    public interface OAuth2Authorized {
        void handleAuthorization(OAuth2Token oAuth2Token, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, OAuth2Authorization oAuth2Authorization) throws Exception;
    }

    /* loaded from: input_file:com/hypersocket/server/handlers/impl/OAuth2CompleteContentHandler$OAuth2Request.class */
    public static class OAuth2Request {
        private final String codeChallenge;
        private final String state;
        private final String baseUri;
        private final String redirectUri;
        private final String clientId;
        private final String clientSecret;
        private final String codeVerifier;

        public OAuth2Request(String str, HttpServletRequest httpServletRequest, String str2) {
            this(str, httpServletRequest, str2, null, null);
        }

        public OAuth2Request(String str, HttpServletRequest httpServletRequest, String str2, String str3, String str4) {
            this.baseUri = str;
            this.clientId = str3;
            this.clientSecret = str4;
            try {
                URL url = new URL(httpServletRequest.getRequestURL().toString());
                this.redirectUri = url.getProtocol() + "://" + url.getHost() + (url.getPort() == -1 ? "" : ":" + url.getPort()) + str2 + "/oauth2Complete";
                this.codeVerifier = OAuth2CompleteContentHandler.genToken();
                MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
                messageDigest.reset();
                messageDigest.update(this.codeVerifier.getBytes("UTF-8"));
                this.codeChallenge = Base64.getEncoder().encodeToString(messageDigest.digest());
                this.state = OAuth2CompleteContentHandler.genToken();
            } catch (UnsupportedEncodingException | MalformedURLException | NoSuchAlgorithmException e) {
                throw new IllegalStateException("Failed to create OAuth2 request.", e);
            }
        }

        public String uri(String str) {
            try {
                String str2 = this.clientId == null ? "" : "client_id=" + URLEncoder.encode(this.clientId, "UTF-8") + "&";
                if (this.clientSecret != null) {
                    str2 = str2 + "client_secret=" + URLEncoder.encode(this.clientSecret, "UTF-8") + "&";
                }
                return this.baseUri + "/app/oauth2?" + str2 + "state=" + URLEncoder.encode(this.state, "UTF-8") + "&scope=" + str + "&response_type=code&code_challenge=" + URLEncoder.encode(this.codeChallenge, "UTF-8") + "&code_challenge_method=S256&redirect_uri=" + URLEncoder.encode(this.redirectUri, "UTF-8");
            } catch (UnsupportedEncodingException e) {
                throw new IllegalStateException(e);
            }
        }

        public String codeVerifier() {
            return this.codeVerifier;
        }

        public String state() {
            return this.state;
        }
    }

    /* loaded from: input_file:com/hypersocket/server/handlers/impl/OAuth2CompleteContentHandler$OAuth2Token.class */
    public static class OAuth2Token {
        private String token;
        private String refreshToken;
        private long expires;

        public OAuth2Token(String str, String str2, long j) {
            this.token = str;
            this.refreshToken = str2;
            this.expires = j;
        }

        public String getToken() {
            return this.token;
        }

        public String getRefreshToken() {
            return this.refreshToken;
        }

        public long getExpires() {
            return this.expires;
        }
    }

    public OAuth2CompleteContentHandler() {
        super("oAuth", 9999);
        this.authorizations = new HashMap();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public String getResourceName() {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public InputStream getResourceStream(String str) throws FileNotFoundException {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public long getResourceLength(String str) throws FileNotFoundException {
        return 0L;
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public long getLastModified(String str) throws FileNotFoundException {
        return System.currentTimeMillis();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public int getResourceStatus(String str) throws RedirectException {
        synchronized (this.authorizations) {
        }
        return 200;
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public void addAlias(String str, String str2) {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public void addFilter(ContentFilter contentFilter) {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public void removeAlias(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public void addDynamicPage(String str) {
        throw new UnsupportedOperationException();
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public boolean hasAlias(String str) {
        return false;
    }

    @Override // com.hypersocket.server.handlers.HttpRequestHandler
    public boolean handlesRequest(HttpServletRequest httpServletRequest) {
        return httpServletRequest.getRequestURI().equals(this.server.getBasePath() + "/oauth2Complete");
    }

    @Override // com.hypersocket.server.handlers.HttpRequestHandler
    public void handleHttpRequest(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException {
        synchronized (this.authorizations) {
            String parameter = httpServletRequest.getParameter("state");
            if (parameter == null) {
                LOG.error("No state parameter provided for oauth2 handler.");
                httpServletResponse.sendError(500);
                return;
            }
            OAuth2Authorization oAuth2Authorization = this.authorizations.get(parameter);
            if (oAuth2Authorization == null) {
                LOG.warn("LogonState has expired.");
                httpServletResponse.sendError(500);
                return;
            }
            httpServletRequest.setAttribute(OAuth2Authorization.ATTRIBUTE_NAME, oAuth2Authorization);
            String parameter2 = httpServletRequest.getParameter("error");
            String parameter3 = httpServletRequest.getParameter("errorDescription");
            if (StringUtils.isNotBlank(parameter2) && StringUtils.isBlank(parameter3)) {
                parameter3 = "The authorization server returned the error '" + parameter2 + "'";
            }
            String browserUri = oAuth2Authorization.getBrowserUri();
            try {
            } catch (Exception e) {
                LOG.error("Failed to complete authorization (" + oAuth2Authorization.getTokenUri() + ").", e);
                httpServletRequest.getSession().setAttribute("flashStyle", "danger");
                httpServletRequest.getSession().setAttribute("flash", e.getMessage());
                browserUri = oAuth2Authorization.getBrowserUri();
            }
            if (StringUtils.isNotBlank(parameter3)) {
                throw new IllegalStateException("Failure OAuth response. " + parameter3);
            }
            String parameter4 = httpServletRequest.getParameter("code");
            if (StringUtils.isBlank(parameter4)) {
                throw new IllegalArgumentException("No code parameter provided for oauth2 handler.");
            }
            LOG.info(String.format("Handling oauth reply for state %s. Token URI is %s", parameter, oAuth2Authorization.getTokenUri()));
            HashMap hashMap = new HashMap();
            hashMap.put("grant_type", "authorization_code");
            hashMap.put("code", parameter4);
            hashMap.put("redirect_uri", oAuth2Authorization.getRedirectUri());
            hashMap.put("client_id", oAuth2Authorization.getClientId());
            hashMap.put("code_verifier", oAuth2Authorization.getCodeVerifier());
            HashMap hashMap2 = new HashMap();
            hashMap2.put("Origin", "moz-extension://");
            JsonNode readTree = new ObjectMapper().readTree(this.httpUtils.doHttpPost(oAuth2Authorization.getTokenUri(), hashMap, true, hashMap2));
            if (readTree.has("error")) {
                String asText = readTree.get("error").asText();
                String asText2 = readTree.has("error_description") ? readTree.get("error_description").asText() : null;
                throw new IllegalStateException(asText + ". " + (asText2 == null ? "" : " " + asText2));
            }
            oAuth2Authorization.handleAuthorization(new OAuth2Token(readTree.get("access_token").asText(), readTree.has("refresh_token") ? readTree.get("refresh_token").asText() : null, System.currentTimeMillis() + (readTree.get("expires_in").asInt() * 1000)), httpServletRequest, httpServletResponse, oAuth2Authorization);
            httpServletResponse.setHeader("Location", browserUri);
            httpServletResponse.sendError(302);
        }
    }

    @Override // com.hypersocket.server.handlers.HttpRequestHandler
    public boolean getDisableCache() {
        return true;
    }

    public void expectAuthorize(OAuth2Authorization oAuth2Authorization) {
        synchronized (this.authorizations) {
            this.authorizations.put(oAuth2Authorization.getState(), oAuth2Authorization);
        }
    }

    @PostConstruct
    private void setup() {
        this.server.registerHttpHandler(this);
    }

    @Override // com.hypersocket.server.handlers.impl.ContentHandler
    public void addCSPFilter(ContentHandlerImpl.CSPFilter cSPFilter) {
        throw new UnsupportedOperationException();
    }

    public static String genToken() {
        return UUID.randomUUID().toString().replace("-", "");
    }
}
